From CNET: Equifax agreed to pay at least $575 million to the US Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and all 50 states over its massive 2017 data breach. If that isn't enough compensate people impacted by the breach, the credit reporting company could have to pay up to $700 million -- a figure we got hints about on Friday.
The settlement is made up of $300 million for a fund providing impacted consumers with credit monitoring services, and compensate those who bought credit or identity monitoring services in the wake of the breach. If that doesn't cover the losses, Equifax will add up to $125 million to the fund. It's also agreed to pay $175 million to 48 states, the District of Columbia and Puerto Rico, as well as $100 million in civil penalties to the CFPB.
Hackers stole the personal information -- including Social Security numbers and home addresses -- of nearly 148 million Americans from Equifax's servers in a data breach that ran from May and July 2017. A December 2018 House Oversight Committee report called the breach "entirely preventable," saying Equifax didn't take action to prevent it and wasn't prepared for the aftermath.
View: Article @ Source Site